A new startup has entered the cybersecurity market offering services to campaigns and groups.
Langley Cyber, which officially opened its doors this week, is the brainchild of two former SKDK executives.
Jerry Sussman, who was the comms firm’s chief information security officer, and Ted Chiodo, who served as CEO, were both on the job when the firm was reportedly targeted by Russian hackers in September 2020 because of its work for the Biden-Harris campaign.
“That experience really gave us a unique perspective on the threats out there, as well as effective mitigation strategies,” Chiodo told C&E.
While the team comes from the Democratic side of the consulting industry, there won’t be a political litmus test or size requirement for the businesses, campaigns, groups, NGOs or philanthropies they’re willing to work with.
“The one thing that I learned at SKDK is there’s a clear need in the marketplace,” Chiodo said. “Who is at risk? If you are publicly facing, if you have a digital footprint then you are at risk. The bad actors don’t make a distinction because, for some of them, it is a pure volume play.”
There’s certainly no shortage of competition for Langley Cyber, which draws its name from Sussman’s three decades of service at the CIA. It’s set to offer intrusion detection, incident response, strategic security consulting services, network monitoring, security training, proprietary tools, and open-source intelligence and research services.
While FireEye and CrowdStrike are two of the biggest competitors, smaller, industry-focused shops have set up recently to offer free or no-cost services to campaigns, firms and groups. Chiodo said his firm has an edge because of its understanding of the threat landscape and how it can tailor its services to clients’ specific needs.
“You have to understand that there’s not a silver bullet in the marketplace,” he said. “You really have to have a comprehensive strategy. So you there are a bunch of folks who will sell specific and unique tools and those tools are created to solve one or two problems. But defensive systems really need to be multilayered, and they need to be equally sophisticated as the attacks.”
Chiodo also warned against clients shopping for services they think they need because of media coverage about a targeted hack.
“What’s largely been reported in the press are the things that we know about. We really need to focus in on the stuff that we might not know about — those next generation of threats. The ones that aren’t widely reported,” he said.
Campaigns, groups and firms also need to focus on training employees to understand the threats and their role in protecting their professional and personal data, he added. “That’s where we see this moving — the distinction between private and personal networks, those are breaking down. So we have to make sure that both the firms and the committees evolve with the attacks.”